Completed: 12 July 2022
Our contact details
Name: Andrew Quinn, trading as qb earcare
The type of personal information we collect
We currently collect and process the following information:
Identification and contact data (name, address, date of birth, email address, telephone number, etc)
Physical health data that is relevant to ear health and ear care
Financial information (credit/debit card details) for the payment of goods and services delivered
The Internet Protocol (IP) address used to connect your computer to the Internet; login and password (for the website members’ area); computer and connection information.
How we get the personal information and why we have it
Most of the personal information we process is provided to us directly by you for one of the following reasons:
When you book an appointment on our website, as part of the process, we collect personal information you give us such as your name, email address and telephone number. Your personal information will be used in order to communicate with you about your appointment, and any changes to it.
When you engage with us in person for our ear wax removal service, we collect other details, such as your address and medical health data. This is to enable us to be aware of anything that might be relevant to, or affect our ability to provide an ear wax removal service to you safely.
We do not obtain personal data indirectly from third parties.
We may share your medical information, plus personal identifiers such as name, address, date of birth with your GP, or other private or NHS medical services such as ENT departments, if an onwards referral is required.
We will not share your data with any other third parties.
Under the UK General Data Protection Regulation (UK GDPR), we consider our lawful basis for processing the types of personal data above to be the fulfilment of our contract with you to deliver services to you. If you have given us your email address, we will use that to communicate with you specifically in relation to matters to do with you as a client.
How we store your personal information
Your information is securely stored.
Our website is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows you to book our services. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall.
All direct payment gateways offered by Wix.com and used by our company adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
We keep an electronic copy of the data you provide us during an appointment, and securely destroy the paper copy. The electronic data is stored in the cloud, and is password-protected.
When we dispose of your personal information, we will do so securely.
Your data protection rights
Under data protection law, you have rights including:
Your right of access – You have the right to ask us for copies of your personal information.
Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.
Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances.
Your right to object to processing – You have the the right to object to the processing of your personal information in certain circumstances.
Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
If you would like to: access, correct, amend or delete any personal information we have about you, you are invited to contact us at email@example.com or write to us at: 1/6 Arran Place, Edinburgh, EH15 2DU.
How to complain
If you have any concerns about our use of your personal information, you can make a complaint to us at firstname.lastname@example.org, or by writing to Andrew Quinn at 1/6 Arran Place, Edinburgh, EH15 2DU.
You can also complain to the ICO if you are unhappy with how we have used your data.
The ICO’s address:
Information Commissioner’s Office
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk